0

Esp8266, Arduino, and TLS1.2
Moderators: adafruit_support_bill, adafruit

Forum rules
If you're posting code, please make sure your code does not include your Adafruit IO Active Key or WiFi network credentials.
Please be positive and constructive with your questions and comments.

Esp8266, Arduino, and TLS1.2

by dutchfarmer on Thu May 05, 2016 4:11 pm

Hello All,

As I dive deeper into the Esp8266 and the Arduino IDE platform, i am becoming increasingly bewildered about the fact that using the Arduino platform immediately implies security risks for any prototyping environment. In other words, any IoT prototyping efforts using the Arduino IDE could never go straight to production in any commercial product or pilot.

While googling around, it seems that several esp8266 implementations exist that allow for a tls 1.2 stack with mqtt but always seem to be written in a nearly bare metal rtos framework that requires a highly complex tool chain and big learning curve.

Does anybody know of any projects with the esp8266, Arduino and mqtt over tls1.2? Or perhaps the announced MKR1000 or other SOC platforms running with Arduino?

This seems to be a serious impediment to near term IoT market growth beyond simple hobbiest applications. The abstraction of the Arduino IDE opens up a huge developer base. It is simply a pity that any Arduino project using mqtt is by definition insecure.

Any pointers or thoughts are appreciated.

D-

dutchfarmer
 
Posts: 8
Joined: Mon Apr 11, 2016 3:25 pm

Re: Esp8266, Arduino, and TLS1.2

by jwcooper on Mon May 09, 2016 12:26 pm

Our latest and greatest Feather WICED (https://www.adafruit.com/product/3056) supports tls 1.2 as well. It's in a developer preview, but we have a lot of detailed information about it here: https://learn.adafruit.com/introducing- ... -wifi/faqs

I'm not as familiar with the ESP8266 and tls1.2, but Adafruit IO does support secure mqtts over port 8883 instead of 1883.

jwcooper
 
Posts: 756
Joined: Tue May 01, 2012 9:08 pm

Please be positive and constructive with your questions and comments.